[clug] "Trusting" a remote machine booting from a CD
Robert Edwards
bob at cs.anu.edu.au
Mon Apr 23 02:59:36 GMT 2007
Can you protect the data that the machine will have access to using some
sort of authenticated gateway/proxy that can be physically trusted?
If the person can "prove" who they say they are, they get access to the
data, regardless of the state of their computer.
Would that work?
Bob Edwards.
Tony Lewis wrote:
> Paul Wayper wrote:
>> Tony, what are you actually
>> trying to achieve? What particular service is that to-be-trusted
>> computer providing or connecting to? What kind of network is this?
>> What other services (e.g. network boot, ssh, vpn) do similar things and
>> why are they different? It may be that by getting to the root goal of
>> the project will reveal a much simpler way to bypass the whole security
>> issue.
>>
>
> My description was deliberately vague :-) It's the ability to boot a
> machine using a known, trusted kernel and userspace. It's similar in
> concept to the enterprise security stuff that purports to not
> unquarantine your network port until it verifies that you're running an
> antivirus and patches are up to date.
>
> It just that I really need it to be bulletproof.
>
>> The other question would be: maybe all you need is a way of telling
>> correct responses from bad ones.
>
> Yeah, I thought of this. The issue is more protecting the data that the
> machine will have access to.
>
> Tony
More information about the linux
mailing list